PMG,
still want to make this work.
could you take of
unix password sync = Yes

and see what is the thing then?
also you might want to check with testparm the settings.

the ones I come up with are:
hosts allow
smb passwd file

and then
you have:
read list = %u
write list = %u
force user = %u

I noticed when used samba like you before implemented winbind, that the user is not %u but %U
this is actually one I would check first.

also, you have set the password servers but is there any specific reason why you don't use *?
when used as a member server in domain, it automatically gets the fastest responding DC and queries from it.

cheers,
_________________________
!

download KiXnet